Roadmap
Last updated: Apr 23, 2026
We are excited to share our priorities and upcoming features, designed to enhance security, simplify workflows, and empower you with greater efficiency and transparency.
AI-powered vulnerability scanner (in progress)
Completed: We built an AI-powered SAST scanner that automates vulnerability detection previously requiring manual analysis. It identifies SQL injections and XSS, with over 90% precision at automation speed.
Current focus: We are enhancing detection accuracy (precision and recall) and expanding CWE coverage to support a broader range of vulnerability types (aka weaknesses).
To see how we are doing on these goals, check the entries marked with "AI-SAST" in our changelog.
Fluid Attacks' peer reviewer assistant (in progress)
Overview: A complementary security approach that provides AI-powered comments on your pull requests to help prevent vulnerability injection before code is merged. This functionality will be exclusively available on the Advanced plan.
Completed: Azure DevOps and GitLab integrations for SAST and SCA techniques are now available.
Current focus: Adding GitHub integration for SAST and SCA techniques.
To see how we are doing on these goals, check the entries marked with "Peer Reviewer" in our changelog.
Scope management improvements (in progress)
Completed: Enhanced mobile application environment registration workflow for better usability. Table filters for environments and files to improve navigation and management. Group creation redesign.
Current focus: Improving group workflow to make it clear that environments can be registered to groups.
To see how we are doing on these goals, check the entries marked with "ASPM" in our changelog.
IntelliJ plugin enhancements (in progress)
Completed: Custom Fix, reattack, and Autofix features are now available.
Current focus: Adding SCA Custom Fix support for IntelliJ.
Stay tuned to entries marked with "IDE plugins" in our changelog to identify our progress on this goal.
SCA fix recommendations (in progress)
Completed: CVE fix information is now available in our database and the platform, providing developers with immediate remediation guidance for vulnerable dependencies.
Enhanced Custom Fix recommendations with three alternatives: (a) minimum version that fixes the CVE but may introduce new vulnerabilities, (b) minimum version that fixes without introducing new issues, and (c) nearest package version with no vulnerabilities. These enhanced recommendations are available in VS Code and Cursor plugins.
Current focus: Rolling out Custom Fix recommendations to IntelliJ. Building Autofix capability to automatically generate code diffs for SCA remediation.
Stay tuned to entries marked with "Fixes" in our changelog to identify our progress on this goal.
Rust language support (in progress)
Current focus: Adding Rust as a newly supported language for vulnerability detection.
Automated API DAST (in progress)
Current focus: Building an automated DAST scanner for APIs to extend dynamic analysis capabilities.
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.
2023
See new features and enhancements to the Fluid Attacks platform, tools and other products. The company works always to improve its security testing capability.
AI functions
Discover the AI functions supported by Fluid Attacks to prioritize files for security testing and fix application vulnerabilities effectively.